@prologic@twtxt.net I don’t understand what you’re saying. podman
works with TLS. It does not have the “–docker” siwtch so you have to remove that and use the exact replacement commands that were in that github comment.
@prologic@twtxt.net what do you mean when you say “Docker API”? There are multiple possible meanings for that. podman
conforms to some of Docker’s APIs and it’s unclear to me which one you say it’s not conforming to.
You just have to Google “podman Docker API” and you find stuff like this: https://www.redhat.com/sysadmin/podman-rest-api
What is Podman’s REST API?Podman’s REST API consists of two components:
- A Docker-compatible portion called Compat API
- A native portion called Libpod API that provides access to additional features not available in Docker, including pods
Or this: https://docs.podman.io/en/latest/markdown/podman-system-service.1.html
The REST API provided by podman system service is split into two parts: a compatibility layer offering support for the Docker v1.40 API, and a Podman-native Libpod layer.
@prologic@twtxt.net podman supports TLS.
$ podman --docker
Error: unknown flag: --docker
Why are you using a flag that podman
doesn’t have?
@prologic@twtxt.net Change your script to this:
#!/bin/sh
set -e
alias docker=podman
if [ ! command -v docker > /dev/null 2>&1 ]; then
echo "docker not found"
exit 1
fi
mkdir -p $HOME/.docker/certs.d/cas
## key stuff omitted
# DO NOT DO THIS docker context create cas --docker "host=tcp://cas.run:2376,ca=$HOME/.docker/certs.d/cas/ca.pem,key=$HOME/.docker/certs.d/cas/key.pem,cert=$HOME/.docker/certs.d/cas/cert.pem"
# DO THIS:
podman system connection add "host=tcp://cas.run:2376,ca=$HOME/.docker/certs.d/cas/ca.pem,key=$HOME/.docker/certs.d/cas/key.pem,cert=$HOME/.docker/certs.d/cas/cert.pem"
# DO NOT DO THIS docker context use cas
# DO THIS:
podman system connection default cas
@prologic@twtxt.net hmm, bummer. I was hoping that translating the docker
commands to podman
syntax would work but it looks like it’s more subtle than that. Thanks for trying!
The weird thing was I wasn’t getting errors like that on my end when I tried it. podman
thought the connection was created, and it set it as the default. But I don’t think it was sending anything over the wire. When I have more time to tinker with it maybe I’ll play around and see if I can figure out what’s up.